Home page logo
/

oss-sec logo oss-sec mailing list archives

fetchmail 6.3.20 release to fix CVE-2011-1947 (was: CVE request for fetchmail STARTTLS hang (Denial of Service))
From: Matthias Andree <matthias.andree () gmx de>
Date: Mon, 06 Jun 2011 17:02:27 +0200

Greetings,

I've just released fetchmail 6.3.20 to fix the STARTTLS
denial-of-service problem present in all earlier fetchmail releases,
CVE-2011-1947.

Note that distributors are advised to thoroughly check the NEWS file and
consider doing a stable release update rather than just backporting the
security fixes, there were several notable bug fixes.

At least do note <http://www.fetchmail.info/fetchmail-EN-2010-03.txt> -
it's a good opportunity to fix this, too...

Changelog:
https://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/NEWS

Homepage:
http://www.fetchmail.info/

Downloads:
http://developer.berlios.de/project/showfiles.php?group_id=1824&release_id=18583

Best regards,
Matthias Andree
Hat: fetchmail maintainer


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]